1 <?php
3 /**
4 * /interface/main/messages/save.php
6 * @package MedEx
7 * @link http://www.MedExBank.com
8 * @author MedEx <support@MedExBank.com>
9 * @copyright Copyright (c) 2017 MedEx <support@MedExBank.com>
10 * @license https://github.com/openemr/openemr/blob/master/LICENSE GNU General Public License 3
13 require_once "../../globals.php";
14 require_once "$srcdir/lists.inc";
15 require_once "$srcdir/forms.inc";
16 require_once "$srcdir/patient.inc";
17 require_once "$srcdir/MedEx/API.php";
19 use OpenEMR\Common\Acl\AclMain;
20 use OpenEMR\Common\Session\SessionUtil;
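// One MedEx API client shared by every request branch below.
$MedEx = new MedExApi\MedEx('MedExBank.com');

/*
 * go=sms_search: name autocomplete for the SMS dialog. Substring-matches first or
 * last name against GET term and echoes a JSON list of
 * {Label, value, pid, mobile, allow, msg_last_updated, medex_uid}; the last two come
 * from the newest medex_outgoing row for that patient (null when there is none).
 * NOTE(review): apart from the session established by globals.php there is no ACL
 * and no CSRF check on this branch, an empty term matches every patient, and the
 * result set is unbounded.
 */
if (isset($_REQUEST['go']) && $_REQUEST['go'] === 'sms_search') {
    $results = array(); // no matches must still encode as [] rather than null
    $term = isset($_GET['term']) ? $_GET['term'] : '';
    $param = "%" . $term . "%";
    $rows = sqlStatement("SELECT * FROM patient_data WHERE fname LIKE ? OR lname LIKE ?", array($param, $param));
    while ($frow = sqlFetchArray($rows)) {
        $data = array(
            'Label'  => 'Name',
            'value'  => text($frow['fname'] . " " . $frow['lname']),
            'pid'    => text($frow['pid']),
            'mobile' => text($frow['phone_cell']),
            'allow'  => text($frow['hipaa_allowsms']),
        );
        // Newest outgoing MedEx message for this patient, if one exists.
        $last = sqlQuery("SELECT * FROM `medex_outgoing` where msg_pid=? ORDER BY `medex_outgoing`.`msg_uid` DESC LIMIT 1", array($frow['pid']));
        // The original also echoed the query text itself ($data['sql']); that was a
        // debug artifact that disclosed schema to the browser and is intentionally dropped.
        $data['msg_last_updated'] = isset($last['msg_date']) ? $last['msg_date'] : null;
        $data['medex_uid'] = isset($last['medex_uid']) ? $last['medex_uid'] : null;
        $results[] = $data;
    }
    echo json_encode($results);
    exit;
}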
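//you need admin privileges to update this.
/*
 * go=Preferences: save the MedEx preference row (enrolled facilities/providers, HIPAA
 * and SMS defaults, postcard/label settings, combine_time, postcard_top), mirror the
 * chart_label_type choice into the globals table, set the background-service
 * interval, then log in to MedEx again and echo that login response as JSON.
 * Admin/super only; anyone else gets a 403 with an empty body.
 */
if (isset($_REQUEST['go']) && $_REQUEST['go'] === 'Preferences') {
    if (AclMain::aclCheckCore('admin', 'super')) {
        // Null-safe reader for optional form fields (the original indexed $_REQUEST directly).
        $req = function ($key) {
            return isset($_REQUEST[$key]) ? $_REQUEST[$key] : null;
        };

        $sql = "UPDATE `medex_prefs` SET `ME_facilities`=?,`ME_providers`=?,`ME_hipaa_default_override`=?,
            `PHONE_country_code`=? ,`MSGS_default_yes`=?,
            `POSTCARDS_local`=?,`POSTCARDS_remote`=?,
            `LABELS_local`=?,`LABELS_choice`=?,
            `combine_time`=?, postcard_top=?";

        // Multi-selects are posted as arrays and stored pipe-joined; coerce so a
        // missing or scalar value cannot make implode() fail.
        $facilities = implode("|", (array) $req('facilities'));
        $providers = implode("|", (array) $req('providers'));
        $HIPAA = $req('ME_hipaa_default_override') ? $req('ME_hipaa_default_override') : '';
        $MSGS = $req('MSGS_default_yes') ? $req('MSGS_default_yes') : '';
        // Country dialling code falls back to 1 when none is supplied.
        $country_code = $req('PHONE_country_code') ? $req('PHONE_country_code') : '1';
        $chart_label_type = $req('chart_label_type');

        $myValues = array(
            $facilities,
            $providers,
            $HIPAA,
            $country_code,
            $MSGS,
            $req('POSTCARDS_local'),
            $req('POSTCARDS_remote'),
            $req('LABELS_local'),
            $chart_label_type, // LABELS_choice is fed from chart_label_type
            $req('combine_time'),
            $req('postcard_top'),
        );

        // Keep this request's globals and the persisted globals table in step.
        // (The original assigned $_GLOBALS, an ordinary local array, so the in-memory
        // value never changed; $GLOBALS is the superglobal.)
        $GLOBALS['chart_label_type'] = $chart_label_type;
        sqlStatement('UPDATE `globals` SET gl_value = ? WHERE gl_name = "chart_label_type"', array($chart_label_type));

        // Turn the MedEx background service on with the requested polling interval.
        $interval = isset($_POST['execute_interval']) ? (int) $_POST['execute_interval'] : null;
        $query = "UPDATE `background_services` SET `active`='1',`execute_interval`=?, `require_once`='/library/MedEx/MedEx_background.php' WHERE `name`='MedEx'";
        sqlQuery($query, array($interval));

        $result = array();
        $result['output'] = sqlQuery($sql, $myValues);
        if ($result['output'] == false) {
            $result['success'] = "medex_prefs updated";
        }
        // NOTE(review): $result is replaced by the login response here, so the
        // output/success keys above never reach the client; kept for parity.
        $result = $MedEx->login('1');
        echo json_encode($result);
    } else {
        // Not an admin: the original exited silently with a 200; make the refusal explicit.
        http_response_code(403);
    }
    exit;
}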
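/*
 * MedEx=start: enrol this EHR with MedEx. The registration payload is built from the
 * logged-in user, the primary business facility, and the email/password submitted
 * with the request (the password is forwarded to MedEx, not stored here). On success
 * the single medex_prefs row is rebuilt with every facility and every active,
 * authorized user as providers, the background service is enabled, and the MedEx
 * login response is echoed as JSON for the page script to act on. Admin/super only.
 */
if (isset($_REQUEST['MedEx']) && $_REQUEST['MedEx'] === "start") {
    if (AclMain::aclCheckCore('admin', 'super')) {
        $user_data = sqlQuery("SELECT * FROM users WHERE id = ?", array($_SESSION['authUserID']));
        $facility = sqlFetchArray(sqlStatement("SELECT * FROM facility WHERE primary_business_entity='1' LIMIT 1"));

        // The original read new_email from $_REQUEST for the payload but from $_POST for
        // the prefs row; read each value once so both uses agree.
        $new_email = isset($_REQUEST['new_email']) ? $_REQUEST['new_email'] : '';
        $new_password = isset($_REQUEST['new_password']) ? $_REQUEST['new_password'] : '';

        $data = array();
        $data['firstname'] = $user_data['fname'];
        $data['lastname'] = $user_data['lname'];
        $data['username'] = $_SESSION['authUser'];
        $data['password'] = $new_password;
        $data['email'] = $new_email;
        $data['telephone'] = $facility['phone'];
        $data['fax'] = $facility['fax'];
        $data['company'] = $facility['name'];
        $data['address_1'] = $facility['street'];
        $data['city'] = $facility['city'];
        $data['state'] = $facility['state'];
        $data['postcode'] = $facility['postal_code'];
        $data['country'] = $facility['country_code'];
        $data['sender_name'] = $user_data['fname'] . " " . $user_data['lname'];
        $data['sender_email'] = $facility['email'];
        $data['callerid'] = $facility['phone'];
        $data['MedEx'] = "1";
        $data['ipaddress'] = $_SERVER['REMOTE_ADDR'];

        // Scheme for the URLs handed to MedEx. The original keyed only on SSL_TLS_SNI,
        // which not every SAPI/TLS setup populates; $_SERVER['HTTPS'] is the usual
        // signal, so accept either.
        $is_https = (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off') || !empty($_SERVER["SSL_TLS_SNI"]);
        $prefix = $is_https ? "https://" : "http://";
        // NOTE(review): HTTP_HOST comes from the request; unless the web server pins the
        // virtual host, a caller can make MedEx record (and fetch the logo from) a host
        // of their choosing. A configured site address would be a safer source.
        $host = $_SERVER['HTTP_HOST'];
        $data['website_url'] = $prefix . $host . $web_root;

        // Prefer the practice's own logo when one has been uploaded to the site directory,
        // otherwise fall back to the stock menu logo. (The original test was inverted and
        // pointed MedEx at practice_logo.gif precisely when that file was missing.)
        $practice_logo = "$OE_SITE_DIR/images/practice_logo.gif";
        if (file_exists($practice_logo)) {
            $data['logo_url'] = $prefix . $host . $web_root . "/sites/" . $_SESSION["site_id"] . "/images/practice_logo.gif";
        } else {
            $data['logo_url'] = $prefix . $host . $GLOBALS['images_static_relative'] . "/menu-logo.png";
        }

        $response = $MedEx->setup->autoReg($data);
        $registered = isset($response['API_key'], $response['customer_id'])
            && $response['API_key'] !== '' && $response['customer_id'] !== '';
        if ($registered) {
            // medex_prefs holds exactly one row; enrolment replaces it outright.
            sqlQuery("DELETE FROM medex_prefs");

            $facilities = array();
            $fetch = sqlStatement("SELECT * FROM facility ORDER BY name");
            while ($frow = sqlFetchArray($fetch)) {
                $facilities[] = $frow['id'];
            }
            $providers = array();
            $prove = sqlStatement("SELECT * FROM users WHERE username != '' AND active = '1' AND authorized = '1'");
            while ($prow = sqlFetchArray($prove)) {
                $providers[] = $prow['id'];
            }

            $sqlINSERT = "INSERT INTO `medex_prefs` (
                MedEx_id,ME_api_key,ME_username,
                ME_facilities,ME_providers,ME_hipaa_default_override,MSGS_default_yes,
                PHONE_country_code,LABELS_local,LABELS_choice)
                VALUES (?,?,?,?,?,?,?,?,?,?)";
            sqlStatement($sqlINSERT, array(
                $response['customer_id'],
                $response['API_key'],
                $new_email,
                implode("|", $facilities),
                implode("|", $providers),
                "1",    // ME_hipaa_default_override
                "1",    // MSGS_default_yes
                "1",    // PHONE_country_code
                "1",    // LABELS_local
                "5160", // LABELS_choice
            ));
            sqlQuery("UPDATE `background_services` SET `active`='1',`execute_interval`='5', `require_once`='/library/MedEx/MedEx_background.php' WHERE `name`='MedEx'");

            $info = $MedEx->login('2');
            if (!empty($info['token'])) {
                $info['show'] = xlt("Sign-up successful for") . " " . $data['company'] . ".<br />" . xlt("Proceeding to Preferences") . ".<br />" . xlt("If this page does not refresh, reload the Messages page manually") . ".<br />";
                //get js to reroute user to preferences.
                echo json_encode($info);
            }
            // NOTE(review): if registration succeeded but login returned no token,
            // nothing is echoed and the page script is left waiting (as in the original).
        } else {
            $response_prob = array();
            $response_prob['show'] = xlt("We ran into some problems connecting your EHR to the MedEx servers") . ".<br >
" . xlt('Most often this is due to a Username/Password mismatch') . "<br />"
                . xlt('Run Setup again or contact support for assistance') .
                " <a href='https://medexbank.com/cart/upload/'>MedEx Bank</a>.<br />";
            echo json_encode($response_prob);
            // Registration failed: make sure the background job is not left enabled.
            sqlQuery("UPDATE `background_services` SET `active`='0' WHERE `name`='MedEx'");
        }
        //then redirect user to preferences with a success message!
    } else {
        echo xlt("Sorry you are not privileged enough. Enrollment is limited to Adminstrator accounts.");
    }
    exit;
}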
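/*
 * action=new_recall (with a pid): assemble what the Recall dialog needs for one
 * patient and echo it as JSON — the patient_data row plus computed age, the most
 * recent plan from the eye-form orders table, the most recent scheduled visit
 * (DOLV, provider, facility), and, if a recall is already on file, that recall's
 * date/reason/facility/provider, which override the values above.
 * NOTE(review): no patient-scope ACL check is applied here; any authenticated user
 * can retrieve the full demographics row for any pid — confirm the caller enforces one.
 */
if (!empty($_REQUEST['pid']) && isset($_REQUEST['action']) && $_REQUEST['action'] === "new_recall") {
    $pid = $_REQUEST['pid'];
    $result = sqlQuery("SELECT * FROM patient_data WHERE pid=?", array($pid));
    if (!$result) {
        // Unknown pid: the original carried on with a false row (and PHP warnings);
        // start from an empty array so the remaining lookups and json_encode stay well-formed.
        $result = array();
    }
    $result['age'] = $MedEx->events->getAge(isset($result['DOB']) ? $result['DOB'] : null);
    // uuid is binary and will break json_encode in binary form (not needed, so will remove it from $result array)
    unset($result['uuid']);

    /*
     * Did the clinician create a PLAN at the last visit?
     * To do an in office test, and get paid for it,
     * we must have an order (and a report of the findings).
     * The eye form provides the PLAN and orders for the next visit, so its orders
     * table is queried directly below (the query is always run; an older comment
     * described it as optional).
     * As forms mature, there should be a uniform way to find the PLAN?
     * And when that day comes we'll put it here...
     * The other option is to use Visit Categories here. Maybe both? Consensus?
     */
    $query = "SELECT ORDER_DETAILS FROM form_eye_mag_orders WHERE pid=? AND ORDER_DATE_PLACED < NOW() ORDER BY ORDER_DATE_PLACED DESC LIMIT 1";
    $result2 = sqlQuery($query, array($pid));
    if (!empty($result2)) {
        $result['PLAN'] = $result2['ORDER_DETAILS'];
    }

    // The patient's most recent calendar event supplies the date of last visit and who/where.
    $query = "SELECT * FROM openemr_postcalendar_events WHERE pc_pid =? ORDER BY pc_eventDate DESC LIMIT 1";
    $result2 = sqlQuery($query, array($pid));
    if ($result2) { //if they were never actually scheduled this would be blank
        $result['DOLV'] = oeFormatShortDate($result2['pc_eventDate']);
        $result['provider'] = $result2['pc_aid'];
        $result['facility'] = $result2['pc_facility'];
    }

    /*
     * Is there an existing Recall in place already????
     * If so we need to use that info...
     */
    $result3 = sqlQuery("SELECT * from medex_recalls where r_pid=?", array($pid));
    if ($result3) {
        $result['recall_date'] = $result3['r_eventDate'];
        $result['PLAN'] = $result3['r_reason'];
        $result['facility'] = $result3['r_facility'];
        $result['provider'] = $result3['r_provider'];
    }
    echo json_encode($result);
    exit;
}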
/*
 * action=addRecall, or any request that carries add_new: hand the whole request to
 * MedEx's recall saver and acknowledge with the JSON string "saved". The saver's
 * return value is not inspected.
 */
if ((isset($_REQUEST['action']) && $_REQUEST['action'] == 'addRecall') || !empty($_REQUEST['add_new'])) {
    $MedEx->events->save_recall($_REQUEST);
    echo json_encode('saved');
    exit;
}

/*
 * action=delete_Recall (with a pid): delete_recall() takes no arguments here, so it
 * presumably reads the pid from the request itself; acknowledges with "deleted".
 */
if (isset($_REQUEST['action']) && $_REQUEST['action'] == 'delete_Recall' && !empty($_REQUEST['pid'])) {
    $MedEx->events->delete_recall();
    echo json_encode('deleted');
    exit;
}
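// Clear the pidList session whenever this page is loaded.
// $_SESSION['pidList'] will hold array of patient ids
// which is then used to print 'postcards' and 'Address Labels'
// Thanks Terry!
SessionUtil::unsetSession('pidList');
$pid_list = array();

/*
 * action=process: record an outgoing contact for the selected recall(s).
 *   item=phone, or item=notes with a non-empty msg_notes: one medex_outgoing row for
 *   the first selected pid, then stop without output.
 *   otherwise: stash the selection in the session for the postcard/label printers,
 *   write one medex_outgoing row per pid when item is postcards or labels, and echo
 *   the pid list.
 * The pid and pc_eid selections arrive JSON-encoded in POST parameter / pc_eid.
 */
if (isset($_REQUEST['action']) && $_REQUEST['action'] === "process") {
    // Decode each once and insist on arrays: the original decoded twice and indexed
    // [0] on whatever came back, so a malformed value produced a bare "recall_" key.
    $pidList = isset($_POST['parameter']) ? json_decode($_POST['parameter'], true) : null;
    $pc_eidList = isset($_POST['pc_eid']) ? json_decode($_POST['pc_eid'], true) : null;
    if (!is_array($pidList)) {
        $pidList = array();
    }
    if (!is_array($pc_eidList)) {
        $pc_eidList = array();
    }
    $item = isset($_POST['item']) ? $_POST['item'] : '';
    $msg_notes = isset($_POST['msg_notes']) ? $_POST['msg_notes'] : '';
    $insert = "INSERT INTO medex_outgoing (msg_pc_eid, msg_type, msg_reply, msg_extra_text) VALUES (?,?,?,?)";

    if ($item === "phone" || ($item === "notes" && $msg_notes !== '')) {
        // Only the first selected patient is logged for a phone/notes entry.
        if (isset($pidList[0])) {
            sqlQuery($insert, array('recall_' . $pidList[0], $item, $_SESSION['authUserID'], $msg_notes));
        }
        // Kept as in the original: a file-scope return ends the script here with no output.
        return "done";
    }

    SessionUtil::setSession(array(
        'pc_eidList' => isset($pc_eidList[0]) ? $pc_eidList[0] : null,
        'pidList' => $pidList,
    ));

    if ($item === "postcards") {
        foreach ($pidList as $pid) {
            sqlQuery($insert, array('recall_' . $pid, $item, $_SESSION['authUserID'], 'Postcard printed locally'));
        }
    }
    if ($item === "labels") {
        // A label can be printed again for the same recall; the row is updated rather than duplicated.
        $upsert = $insert . " ON DUPLICATE KEY UPDATE msg_extra_text='Label repeat'";
        foreach ($pidList as $pid) {
            sqlQuery($upsert, array('recall_' . $pid, $item, $_SESSION['authUserID'], 'Label printed locally'));
        }
    }
    // Echoed through text() as in the original.
    echo text(json_encode($pidList));
    exit;
}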
/*
 * go=Messages (with msg_id): hand the id to updateMessage() — defined outside this
 * file — and echo whatever it returns as JSON. A request matching none of the
 * branches above ends here with no output.
 */
if (isset($_REQUEST['go']) && $_REQUEST['go'] === "Messages") {
    $msg_id = isset($_REQUEST['msg_id']) ? $_REQUEST['msg_id'] : null;
    if ($msg_id) {
        echo json_encode(updateMessage($msg_id));
        exit;
    }
}
exit;